Memory Management Vulnerability in Linux Kernel Affects Security of Crypto Data
CVE-2025-38575

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 April 2025

What is CVE-2025-38575?

A vulnerability has been identified in the Linux kernel's handling of memory allocation related to the ksmbd service. The flaw stems from improper memory deallocation that could leave sensitive cryptographic data unprotected. The function aead_request_free() should be utilized in place of kfree() to ensure that sensitive information is securely zeroed out before being freed. This change enhances data security by preventing potential information leakage, ensuring that sensitive cryptographic materials are permanently wiped from memory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 < 571b342d4688801fc1f6a1934389dac09425dc93

Linux e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9

Linux e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 < 1de7fec4d3012672e31eeb6679ea60f7ca010ef9

References

https://git.kernel.org/stable/c/571b342d4688801fc1f6a1934...
https://git.kernel.org/stable/c/a6b594868268c3a7bfaeced91...
https://git.kernel.org/stable/c/1de7fec4d3012672e31eeb667...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.